Preparations for secure collaboration in a de-perimeterized business world

Jericho Forum released the results of a spot survey of 22 IT security vendors that responded to questions about vendor preparedness to deliver security for today’s de-perimeterized network business model — a model required to support collaboration between customers, partners, vendors and their mobile work forces. According to the respondents, vendors are listening to their customers and reacting to the problem! Of the vendors that responded to the survey, 67 percent intend to modify their products to deliver effective security for the perimeter erosion problem. One vendor summed it up for the remainder of the vendors: “While we do this explicitly already, we will continue to find new ways in which to perform these tasks.”

The survey uncovered that 45 percent of the vendors are being asked by more than half of their customers to enhance existing products or build new solutions to help them resolve the problem. Jericho Forum was the first thought-leadership group to recognize that business drivers for global operations over the Internet meant that once solid corporate “network security” walls would tumble down, leaving valuable confidential data exposed unless we adopt a new approach to securing our data. Composed of global corporate CISOs, who collectively are responsible for global revenue exceeding US$875 billion, and senior representatives from the vendor community, members of the Jericho Forum have united to create a blueprint for solutions to shore up security in the face of advancing perimeter erosion.

Respondents to the survey included representatives from Europe (73 percent) and the United States (37 percent). Focused on security products, vendors ranged from large companies with 1,000 to 10,000 plus employees that support a broad range of security products (53 percent) to small vendors with less than 100 employees that support a single product (47 percent). Products represented by these vendors include encryption data leakage prevention, intrusion prevention, compliance authentication, access control, anti-virus, secure client virtualization, vulnerability management and other types of IT security products.

Top Survey Highlights

• Respondents believe access control is one of the most important solutions that help customers resolve perimeter erosion problems. In weighted rankings, access control came in number one, authentication came in second, compliance third, data leak prevention and identity management tied for fourth, encryption was fifth, intrusion prevention sixth, and VPN came in seventh.
• Vendors are aware of the security concern enterprises have about the erosion of their network perimeter: 45 percent of survey respondents stated that more than half of their customers have requested enhancements or solutions to resolve this problem.
• Vendors and enterprises are becoming increasingly more aware of the de-perimeterization problem, but not enough is being done today to protect corporate assets. When asked, only 21 percent of vendors polled believed that less than half of their customers were running open networks environments that enable secure collaboration and commerce — which still leaves too many enterprises vulnerable.
• The survey revealed that the primary reason why more products are not available today is based on the state of the market, not a technical decision. In weighted rankings, vendors identified the lack of practical, scalable business models that support business on the Internet as the number one reason they are not more aggressively creating perimeter erosion solutions. The lack of incentives and design drivers for tackling the open network environment ranked second; lack of interoperable universal standards came in third; lack of a common language to express perimeter erosion solution goals, requirements, policies and solutions came in fourth; and having to bridge legacy systems with Internet-accessible devices came in fifth.